Require clients to be online when creating new shared symmetric encryption keys

[gkc]

NOTE that this is already a requirement, since the sending client always needs to fetch the public key of the recipient. So this ticket can be reduced to a "ensure appropriate exceptions with appropriate messages are raised when attempting to do something that requires the client to be online"

Is your feature request related to a problem? Please describe.

We need to make the lifecycle of shared symmetric encryption keys entirely predictable.

Describe the solution you'd like

Clients should

• check if shared_key.bob@alice exists (can be done locally and then on atServer - this is how things currently work I believe, so no change required)
• if none exists, and we are online, generate one and store it on atServer (and not locally - that way, the only way that shared_key.bob@alice gets into the local data store is if it was synced from the server)
  • May 23 update: The solution outlined in this bullet point was not taking "non-syncing" clients into consideration. See Symmetric encryption keys always need to go to atServer first #1041 for the correct logic - it needs to store locally after storing on the atServer
• if not online, raise exception for client app stating that one needs to be online when creating new shared symmetric encryption keys

Additional context

See also atsign-foundation/at_protocol#65 which is another part of what's required to achieve the goal of completely predictable lifecycle of shared symmetric encryption keys

[gkc]

Marking for discussion on an architecture call before moving to implementation